Ransomware Rampage: SharePoint Vulnerability Exploits Hit 148 Organizations Worldwide!
Ransomware gangs are now exploiting a Microsoft SharePoint vulnerability chain, leading to breaches at 148 organizations worldwide. Dubbed “ToolShell,” this campaign even targeted the U.S. National Nuclear Security Administration. Security researchers discovered a new 4L4MD4R ransomware variant, demanding a whopping 0.005 Bitcoin. The plot thickens with China’s alleged involvement.
Hot Take:
Ransomware gangs are like those uninvited relatives who show up at family gatherings, except this time, they’re crashing SharePoint vulnerability parties, encrypting your files, and demanding Bitcoin. The nerve! As usual, Microsoft and Google are playing detective, pointing fingers at Chinese state-backed hacking groups. Meanwhile, security researchers are left untangling the web of chaos, like trying to solve a Rubik’s Cube blindfolded. Grab your popcorn, folks, because this SharePoint drama is going international!
Key Points:
- Ransomware gangs have joined in exploiting a Microsoft SharePoint vulnerability chain, leading to breaches in at least 148 organizations.
- The 4L4MD4R ransomware variant, based on open-source code, has been identified as part of this exploitation campaign.
- Microsoft and Google have linked the attacks to Chinese state-backed groups: Linen Typhoon, Violet Typhoon, and Storm-2603.
- Microsoft issued patches for the vulnerabilities, but the campaign has already impacted high-profile targets globally.
- Over 400 servers have been compromised, with ongoing investigations to identify the full scope of the attack.